#!/sbin/sh # # Andrei.Ryjov@IT-Secure.COM AKA ayzhov@yahoo.com 09.12.01 22:22'18 # . $JSINCLUDE/Subroutines || exit 1 ; SetRootOpts ; [ X$ROOT != X/ ] && exec Chroot_Script $0 $* HOME=$JS_PKGS_DIR/PKI AF=/tmp/`basename $0`.admin PKGADMIN=" instance=overwrite partial=nocheck runlevel=nocheck idepend=nocheck rdepend=nocheck space=ask setuid=nocheck conflict=nocheck basedir=default action=nocheck " SYNC_USER=gedsync export HOME ROOT ROOTOPTS AF TARGET OS # # nfast needs to be installed first, as we are going to use its # /etc/group entry in variables below # mkdir -p `dirname $AF` for i in $PKGADMIN ; do echo $i ; done >$AF # # Exclude Apache, for now #cho "y\ny\ny" | pkgadd -a $AF -d $HOME/Apache/ITSapache all #cho "y\ny\ny" | pkgadd -a $AF -d $HOME/Apache/ITSssl all echo "y\ny\ny" | pkgadd -a $AF -d $HOME/NFast/nfast.comb.pkg all # drvconfig ; devlinks ; /opt/nfast/sbin/install echo NFast initialisation will be run by self-destroying script after reboot #fmxUID=`expr 1 + \`cut -d: -f3 <$ROOT/etc/passwd | sort -n | tail -1\`` #fmxGID=`expr 1 + \`cut -d: -f3 <$ROOT/etc/group | sort -n | tail -1\`` IfmxUID=1020 IfmxGID=1020 EntrUID=`expr 1 + $IfmxUID` EntrGID=`expr 1 + $IfmxGID` system=" * * * * * * Informix stuff * * * set shmsys:shminfo_shmmax=268435456 set shmsys:shminfo_shmmin=100 set shmsys:shminfo_shmmni=100 set shmsys:shminfo_shmseg=100 set semsys:seminfo_semmap=64 set semsys:seminfo_semmni=4096 set semsys:seminfo_semmns=4096 set semsys:seminfo_semmnu=4096 set semsys:seminfo_semmsl=100 set semsys:seminfo_semume=64 * * * * * * Informix end * * * " passwd=" informix:x:$IfmxUID:$IfmxGID:DB user:/export/home/informix:/bin/sh entrust:x:$EntrUID:$EntrGID:CA user:/export/home/entrust:/bin/sh camas1:x:`expr 1 + $EntrUID`:$EntrGID:CA master:/export/home/camas1:/bin/sh camas2:x:`expr 2 + $EntrUID`:$EntrGID:CA master:/export/home/camas2:/bin/sh camas3:x:`expr 3 + $EntrUID`:$EntrGID:CA master:/export/home/camas3:/bin/sh $SYNC_USER:x:`expr 4 + $EntrUID`:$EntrGID:DirSync:/export/home/$SYNC_USER:/bin/sh " shadow=" informix:NP:11289:::::: entrust:NP:11289:::::: camas1:NoF.KImNGP:11289:::::: camas2:nO..BPJz33:11289:::::: camas3:P.weal,,aP:11289:::::: $SYNC_USER:fNoFuC.INP:11289:::::: " group=" informix::$IfmxUID:entrust,camas1,camas2,camas3 entrust::$EntrGID:entrust,camas1,camas2,camas3,$SYNC_USER " for f in passwd shadow group system ; do eval "echo \"\$$f\"" | while read line ; do [ ! -z "$line" ] && echo "$line" ; done >>$ROOT/etc/$f done for user in `echo "$passwd" | cut -d: -f1` ; do HDir=`echo "$passwd" | egrep "^ *$user:" | cut -d: -f6` UID=`echo "$passwd" | egrep "^ *$user:" | cut -d: -f3` GID=`echo "$passwd" | egrep "^ *$user:" | cut -d: -f4` mkdir -p $ROOT/$HDir [ "$user" = "$SYNC_USER" ] && { cd $HOME/dirsync || exit 1 find ged -print | cpio -cdump $ROOT/$HDir } chown -R $UID:$GID $ROOT/$HDir done NFASTG="`grep '^nfast:' $ROOT/etc/group`" OTHERG="`grep -v '^nfast:' $ROOT/etc/group`" echo "${OTHERG}" >$ROOT/etc/group echo "${NFASTG},entrust,camas1,camas2,camas3" | sed 's/:,/:/' | sed 's/,,/,/' >>$ROOT/etc/group mkdir -p $ROOT/export/informix/ifmxdata chown -R $IfmxGID:$IfmxUID $ROOT/export/informix mkdir -p $ROOT/export/entrust/entbkup chown -R $EntrGID:$EntrUID $ROOT/export/entrust ln -s ./export/informix/ifmxdata $ROOT ln -s ./export/entrust/entbkup $ROOT # # Copy some stuff over to $OWNER's home # OWNER=entrust OHOME=`grep "^$OWNER:" /etc/passwd | cut -d: -f6` cd &&\ find Setup directory webconnector -mount -print \ | cpio -cdump $ROOT/$OHOME [ "`echo $TARGET | cut -d. -f2`" -lt 8 ] && { # # Automated Informix installation fails # in Solaris 8 and up, because of mount and df # cd && cd informix &&\ echo "\n\n\n" | ./install_ifmx.sh && \ echo "\n\n\n100000\n\n\n" | ./config_ifmx.sh cd && cd authority &&\ cd authority &&\ echo "\n\n\n${OWNER}\n${OWNER}\n\n" | ./install.sh } # cd && cd Setup && cp ./S99PKIinstall $ROOT/etc/rc3.d sync kill `ps -eflo pid,comm | grep oninit | awk '{print $1}'` 2>&- sleep 1 kill -9 `ps -eflo pid,comm | grep oninit | awk '{print $1}'` 2>&- sleep 1 # # We presume that Perl is instaled in /usr/local, # and LDAP related modules have not been installed yet # (cd $HOME/dirsync/perl_modules && find . -print | cpio -cdump $ROOT/usr/local)